Just to add to what the others have said in regard to what goes where.

Unless that server is a web server or something outward facing it should be behind the router (firewall) as should all LAN devices. Behind the router they're protected. In front of it (between the router and the internet) then it's open to an external attack.

If it is an outward facing server, there are still better ways of protecting it while allowing remote access. Such as, putting it in a DMZ or, using a VPN, or Remote Desktop and a port forward.

It matters not how straight the gate,How charged with punishments the scroll,I am the master of my fate;I am the captain of my soul.

The information on Computing.Net is the opinions of its users. Such
opinions may not be accurate and they are to be used at your own risk.
Computing.Net cannot verify the validity of the statements made on this
site. Computing.Net and Purch hereby disclaim all responsibility
and liability for the content of Computing.Net and its accuracy.